Get in Touch
2025-12-03

Data Privacy and Security in India: Consequences of Mandatory Installation of ‘Sanchar Saathi’ App

Introduction

India, a country which has become more and more digitalized over the years, faces critical issues like data security and privacy, especially with such a large population. The security of the data on mobile phones is more crucial than ever since they are becoming an essential part of both our personal and professional lives.

On 28th November 2025, the Department of Technology sent out a directive to mandate the pre-installation of a certain mobile app called ‘Sanchar Saathi’ on all smartphones, which may be new or old. This has reignited a larger debate pertaining to the importance of the security concerns faced by the Nation or the privacy concerns of its citizens.

This debate can be argued from either directions. One side can argue that these new measures can help curb theft, robbery, telecom misuse or solve deeper issues like keeping a check on terror to prevent terror attacks. The other side can argue while questioning that till what extent will the Government of a democratic nation go to, to manage security concerns, if it leads to overriding the basic autonomy of its citizens and uprooting their  fundamental rights.

About the Application: Sanchar Saathi

‘Sanchar Saathi’ was introduced by the government as part of telecom security measures to assist consumers in confirming the legitimacy of devices, reporting lost or stolen phones, preventing fraudulent SIM or IMEI-related usage, and reporting spam or questionable communications. The DoT issued a regulation on November 28, 2025, mandating that the app be pre-installed on all smartphones, whether they are freshly launched, imported or currently available in the Indian market. The key features of the directive include:

  • During device setup, the app needs to be “readily visible and accessible.”
  • Its features cannot be “disabled or restricted.”
  • Smartphone makers and importers have 90 days to comply with new devices, and 120 days to file compliance-reports.
  • The mandate anticipates a software update to install the app on devices that have already been shipped or sold.
Standpoint Of The Government

The Government argues that the Sanchar Saathi app might perform crucial security-related tasks for both the government and a large number of regular users and citizens:

  1. It can help in preventing fraud and theft by discouraging the resale of stolen devices or the exploitation of telecom resources by enabling handset authenticity verification and providing users with a simple way to report lost or stolen phones or fraudulent SIM/IMEI use.
  2. It eases the process of reporting and blocking. The app streamlines reporting of missing phones, spam calls or messages, or duplicate connections, especially crucial in a country with a significant second-hand phone market.
  3. Addresses misuse at scale, where a state-backed tool might assist standardise and expedite enforcement against telecom fraud in a wide population with varying degrees of digital literacy, providing a public good in telecom security.

The claim by the Department of Telecommunications, is that is not insignificant that a united and government-led action might benefit all users, particularly the vulnerable, given the growing sophistication of cyber-fraud, phishing, IMEI-spoofing, and other telecom-related crimes.

Privacy and Surveillance Risks

Despite these declared goals, the action has alarmed opposition leaders, civil society organisations, privacy activists, and some members of the public. Their objection rests on numerous significant grounds:

  1. Threatening User Autonomy:

The government has emphasised that the software is “optional” and that users are free to remove it if they so want, but this seems to go against the order that states that its features cannot be limited or removed. This ambiguity weakens the notion of informed consent, which is a cornerstone of data-privacy ethics. One could argue that requiring an app without a clear opt-in violates people’s autonomy in a democratic country.

  1. Risk of Mass Surveillance:

Critics have pointed out that integrating a state-backed software with persistent system-level access into every smartphone might turn millions of devices into tools that are ready for monitoring. Given that the source code is locked, and there has been no open, participatory public review, there is no robust method for public supervision or independent audits. In a country like India, with an emerging data-protection framework and history of privacy debates, this lack of transparency is alarming.

  1. Legal and Constitutional Concerns:

Many perceive the action as contravening the spirit, if not the letter, of the right to privacy guaranteed under Indian constitutional jurisprudence, particularly via the judgement in K.S. Puttaswamy v. Union of India ((2017) 10 SCC 1) that affirmed privacy as a fundamental right.

Mandating pre-installation and deactivating user controls raises problems of proportionality, if such intrusion is actually necessary and narrowly targeted, and whether less intrusive means would suffice. Indeed, some critics believe less intrusive solutions already exist. In absence of public input, and given the stakes, the order risks being challenged on constitutional grounds.

  1. Lack of Transparency and Accountability:

The operations of Sanchar Saathi remain opaque as there is no public disclosure of data-collection procedures, storage regulations, retention duration, data-sharing with third parties or law-enforcement, or audit logs. The risk of data misuse, whether deliberate or the result of carelessness, persists since state-run services like these frequently escape the more stringent standards under privacy regulations or enjoy exemptions.

Moreover, once such infrastructure is established, even if allegedly for legitimate reasons there is always a risk of mission creep, where the app’s functionality might be expanded for broader surveillance or profiling, well beyond its initial stated goals.

AMLEGALS REMARKS

While the objective of preventing fraud and strengthening telecom security may justify exploring measures such as installing an app on smartphones, it is equally important that such steps are accompanied by clear and transparent safeguards.

In a country where digital rights are still evolving, it becomes essential to strike the right balance between administrative efficiency and individual choice. Security measures should aim to enhance public confidence without compromising user autonomy, especially when less intrusive or voluntary mechanisms could offer comparable benefits with greater public acceptance.

For any queries or feedback, feel free to connect with mridusha.guha@amlegals.com or khilansha.mukhija@amlegals.com

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

 

Disclaimer & Confirmation

As per the rules of the Bar Council of India, law firms are not permitted to solicit work and advertise. By clicking on the “I AGREE” button below, user acknowledges the following:

    • there has been no advertisements, personal communication, solicitation, invitation or inducement of any sort whatsoever from us or any of our members to solicit any work through this website;
    • user wishes to gain more information about AMLEGALS and its attorneys for his/her own information and use;
  • the information about us is provided to the user on his/her specific request and any information obtained or materials downloaded from this website is completely at their own volition and any transmission, receipt or use of this site does not create any lawyer-client relationship; and that
  • We are not responsible for any reliance that a user places on such information and shall not be liable for any loss or damage caused due to any inaccuracy in or exclusion of any information, or its interpretation thereof.

However, the user is advised to confirm the veracity of the same from independent and expert sources.

I Agree I Disagree